Security experts have raised risk assessments for the recently discovered virus W32/[email protected], also known as Lovgate.ab.
Researchers from McAfee's AVERT antivirus team said they had moved Lovgate.ab up to medium risk after receiving more than 100 samples of the worm from customers and virus-generated mail around the world in the first few hours after its discovery yesterday.
Lovgate.ab is a prolific internet worm that spreads via email, sending itself to addresses found on the victim's machine in the form of a .zip archive, or as an .exe, .scr, .pif, .cmd or .bat file.
The zip file may have a .zip or .rar extension, and may also be dropped to the root of local and mapped drives.
Once activated the worm attempts to deliver its payload, which potentially opens infected machines to remote users through a network share.
"The worm then attempts to drop a backdoor component, copy itself to poorly secured remote shares and create a share on the victim's machine called 'MEDIA'," warned AVERT.
"If the worm is able to copy itself to remote shares, it attempts to execute itself remotely. The worm also adds a registry key that helps it activate at the system startup."
The worm has also been found to terminate processes associated with antivirus and security products.
Further information from AVERT can be found here.
Dr Kuan Hon criticises GDPR consent emails that will only eviscerate marketing databases and 'media misinformation'
Apple squashes Steam Link app on 'business conflicts' grounds
Philip Hammond wants to forget rules that the UK agreed with the EU to ban non-European companies from the satellites
Instapaper to 'go dark' in Europe until it can work out GDPR compliance